33 matches found
EUVD-2023-58069
Malicious code in bioql PyPI...
EUVD-2022-29628
Malicious code in bioql PyPI...
EUVD-2022-1623
Malicious code in bioql PyPI...
GHSA-JM79-7XHW-6F6F GWC Home Page communicate version and revision information
Summary: The GeoWebCache home page includes version and revision information about the software in use. This information is sensitive from a security point of view because it allows software used by the server to be easily identified. Details...
GWC Home Page communicate version and revision information
Summary: The GeoWebCache home page includes version and revision information about the software in use. This information is sensitive from a security point of view because it allows software used by the server to be easily identified. Details...
PT-2025-24662 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.25.6; GeoServer versions prior to 2.26.2. Description: The GeoWebCache home page includes version and revision information about the software in use, which is sensitive from a security point of view as it allows th...
CVE-2023-5786
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2022-24846
GeoWebCache is a tile caching server implemented in Java. The GeoWebCache disk quota mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. While in GeoWebCache the JNDI strings are provided via local...
Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat
Impact: If GeoServer is deployed in the Windows operating system using an Apache Tomcat web application server, it is possible to bypass existing input validation in the GeoWebCache ByteStreamController class and read arbitrary classpath resources with specific file name extensions. If GeoServer i...
CVE-2024-24749 Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.5 and 2.24.3, if GeoServer is deployed in the Windows operating system using an Apache Tomcat web application server, it is possible to bypass existing input validation in the GeoWebCach...
GeoServer Security Vulnerabilities
GeoServer is an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer that stems from the fact that if GeoServer is deployed in a Windows operating system using the Apache Tomcat web...
PT-2024-5226 · Apache +1 · Apache Tomcat +1
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.5 and 2.24.3. Description: The issue is related to the GeoWebCache ByteStreamController class, where it is possible to bypass existing input validation and read arbitrary classpath resources with specific file...
Design/Logic Flaw
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-5786 GeoServer GeoWebCache rest.html direct request
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-5786
GeoServer GeoWebCache (up to 1.15.1) is affected by CVE-2023-5786. The vulnerability concerns unauthorized access via the /geoserver/gwc/rest.html page and can be acted on remotely; an exploit has been disclosed publicly. Several connected sources describe the issue as affecting GeoWebCache versi...
GeoServer GeoWebCache Security Vulnerability
GeoWebCache is a Java Web application for caching map slices from various sources, such as the OGC Web Map Service WMS. A security vulnerability exists in GeoServer GeoWebCache version 1.15.1 and earlier, which stems from an unauthorized access vulnerability in the /geoserver/gwc/rest.html page...